authorKarl 'vollmerk' Vollmer <vollmer@ampache.org>2007-06-04 07:40:06 +0000
committerKarl 'vollmerk' Vollmer <vollmer@ampache.org>2007-06-04 07:40:06 +0000
commit7743d70c68444fc2e20a6a4aa2f9a980203b999e (patch)
tree32d7c68ba195e429bde67e00c73ae6679159e82d /lib
parent19276f57a9eeacae7829629baa35fcb28d77419f (diff)
fixed browse users, add user, edit user
Diffstat (limited to 'lib')
-rw-r--r--lib/class/browse.class.php9
-rw-r--r--lib/class/user.class.php152
-rw-r--r--lib/general.lib.php19
-rw-r--r--lib/ui.lib.php11
4 files changed, 108 insertions, 83 deletions
diff --git a/lib/class/browse.class.php b/lib/class/browse.class.php
index 8613559f..91fd067b 100644
--- a/lib/class/browse.class.php
+++ b/lib/class/browse.class.php
@@ -84,6 +84,7 @@ class Browse {
public static function set_type($type) {
switch($type) {
+ case 'user':
case 'song':
case 'album':
case 'artist':
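Review bot: `case 'user':` adds user accounts to the browse types set_type() accepts, and the two later hunks in this file add the matching id query and the 'Manage Users' view, but none of the visible lines checks the caller's access level. If the browse type can be set from a request parameter (not visible here), confirm that every path reaching these branches requires admin access, or add that check beside the `case 'user':` in the display switch. The switch bodies continue outside the hunks, so an existing gate may simply not be shown.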
@@ -161,6 +162,9 @@ class Browse {
case 'genre':
$sql = "SELECT `genre`.`id` FROM `genre` ";
break;
+ case 'user':
+ $sql = "SELECT `user`.`id` FROM `user` ";
+ break;
case 'song':
default:
$sql = "SELECT `song`.`id` FROM `song` ";
@@ -308,6 +312,11 @@ class Browse {
require_once Config::get('prefix') . '/templates/show_genres.inc.php';
show_box_bottom();
break;
+ case 'user':
+ show_box_top(_('Manage Users'));
+ require_once Config::get('prefix') . '/templates/show_users.inc.php';
+ show_box_bottom();
+ break;
case 'artist':
show_box_top();
require_once Config::get('prefix') . '/templates/show_artists.inc.php';
diff --git a/lib/class/user.class.php b/lib/class/user.class.php
index fe75d587..4019ba98 100644
--- a/lib/class/user.class.php
+++ b/lib/class/user.class.php
@@ -293,17 +293,19 @@ class User {
} // get_recommendations
- /*!
- @function is_logged_in
- @discussion checks to see if $this user is logged in
- */
- function is_logged_in() {
+ /**
+ * is_logged_in
+ * checks to see if $this user is logged in
+ */
+ public function is_logged_in() {
- $sql = "SELECT id FROM session WHERE `username`='$this->username'" .
- " AND expire > ". time();
- $db_results = mysql_query($sql,dbh());
+ $username = Dba::escape($this->username);
+
+ $sql = "SELECT `id` FROM `session` WHERE `username`='$username'" .
+ " AND `expire` > ". time();
+ $db_results = Dba::query($sql);
- if (mysql_num_rows($db_results)) {
+ if (Dba::num_rows($db_results)) {
return true;
}
@@ -385,16 +387,16 @@ class User {
} // add_preference
- /*!
- @function update_username
- @discussion updates their username
- */
- function update_username($new_username) {
+ /**
+ * update_username
+ * updates their username
+ */
+ public function update_username($new_username) {
- $new_username = sql_escape($new_username);
+ $new_username = Dba::escape($new_username);
$sql = "UPDATE `user` SET `username`='$new_username' WHERE `id`='$this->id'";
$this->username = $new_username;
- $db_results = mysql_query($sql, dbh());
+ $db_results = Dba::query($sql);
} // update_username
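Review bot: `$this->username = $new_username;` runs after `Dba::escape()`, so the object keeps the SQL-escaped form of the name rather than the name itself. is_logged_in() in the previous hunk escapes `$this->username` again, so a name containing a quote or backslash would be escaped twice and no longer match the stored row. Escape into a separate local, e.g. `$escaped = Dba::escape($new_username);`, and assign the raw value to the property. The result of `Dba::query()` is discarded, so the property changes even when the UPDATE fails.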
@@ -415,27 +417,27 @@ class User {
} // update_validation
- /*!
- @function update_fullname
- @discussion updates their fullname
- */
- function update_fullname($new_fullname) {
+ /**
+ * update_fullname
+ * updates their fullname
+ */
+ public function update_fullname($new_fullname) {
- $new_fullname = sql_escape($new_fullname);
- $sql = "UPDATE user SET fullname='$new_fullname' WHERE `id`='$this->id'";
- $db_results = mysql_query($sql, dbh());
+ $new_fullname = Dba::escape($new_fullname);
+ $sql = "UPDATE `user` SET `fullname`='$new_fullname' WHERE `id`='$this->id'";
+ $db_results = Dba::query($sql);
} // update_fullname
- /*!
- @function update_email
- @discussion updates their email address
- */
- function update_email($new_email) {
+ /**
+ * update_email
+ * updates their email address
+ */
+ public function update_email($new_email) {
- $new_email = sql_escape($new_email);
- $sql = "UPDATE user SET email='$new_email' WHERE `id`='$this->id'";
- $db_results = mysql_query($sql, dbh());
+ $new_email = Dba::escape($new_email);
+ $sql = "UPDATE `user` SET `email`='$new_email' WHERE `id`='$this->id'";
+ $db_results = Dba::query($sql);
} // update_email
@@ -478,20 +480,19 @@ class User {
/**
* update_access
* updates their access level
- * @todo Remove References to the named version of access
*/
- function update_access($new_access) {
+ public function update_access($new_access) {
/* Prevent Only User accounts */
if ($new_access < '100') {
$sql = "SELECT `id` FROM user WHERE `access`='100' AND `id` != '$this->id'";
- $db_results = mysql_query($sql, dbh());
- if (!mysql_num_rows($db_results)) { return false; }
+ $db_results = Dba::query($sql);
+ if (!Dba::num_rows($db_results)) { return false; }
}
- $new_access = sql_escape($new_access);
+ $new_access = Dba::escape($new_access);
$sql = "UPDATE `user` SET `access`='$new_access' WHERE `id`='$this->id'";
- $db_results = mysql_query($sql, dbh());
+ $db_results = Dba::query($sql);
} // update_access
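Review bot: update_access() returns `false` when the change would leave no account at access 100 but returns nothing on success, so a caller that tests the result loosely sees both outcomes as failure; add `return true;` after the final `Dba::query($sql);`. The guard also compares `$new_access < '100'` before the value is validated, so normalising it first with `$new_access = intval($new_access);` would keep a non-numeric value from being written to the `access` column. The "last admin" SELECT and the UPDATE are separate statements, so two concurrent demotions could presumably both pass the check.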
@@ -610,41 +611,40 @@ class User {
} // create
- /*!
- @function update_password
- @discussion updates a users password
- */
- function update_password($new_password) {
+ /**
+ * update_password
+ * updates a users password
+ */
+ public function update_password($new_password) {
- $new_password = sql_escape($new_password);
- $sql = "UPDATE user SET password=PASSWORD('$new_password') WHERE `id`='$this->id'";
- $db_results = mysql_query($sql, dbh());
+ $new_password = Dba::escape($new_password);
+ $sql = "UPDATE `user` SET `password`=PASSWORD('$new_password') WHERE `id`='$this->id'";
+ $db_results = Dba::query($sql);
- return true;
} // update_password
/**
- * format_user
+ * format
* This function sets up the extra variables we need when we are displaying a
* user for an admin, these should not be normally called when creating a
* user object
*/
- function format_user() {
+ public function format() {
/* If they have a last seen date */
- if (!$this->last_seen) { $this->f_last_seen = "Never"; }
+ if (!$this->last_seen) { $this->f_last_seen = _('Never'); }
else { $this->f_last_seen = date("m\/d\/Y - H:i",$this->last_seen); }
/* If they have a create date */
- if (!$this->create_date) { $this->f_create_date = "Unknown"; }
- else { $this->f_create_date = date("m\/d\/Y - H:i",$user->create_date); }
+ if (!$this->create_date) { $this->f_create_date = _('Unknown'); }
+ else { $this->f_create_date = date("m\/d\/Y - H:i",$this->create_date); }
/* Calculate their total Bandwidth Useage */
- $sql = "SELECT song.size FROM song LEFT JOIN object_count ON song.id=object_count.object_id " .
- "WHERE object_count.user='$this->id' AND object_count.object_type='song'";
- $db_results = mysql_query($sql, dbh());
+ $sql = "SELECT `song`.`size` FROM `song` LEFT JOIN `object_count` ON `song`.`id`=`object_count`.`object_id` " .
+ "WHERE `object_count`.`user`='$this->id' AND `object_count`.`object_type`='song'";
+ $db_results = Dba::query($sql);
- while ($r = mysql_fetch_assoc($db_results)) {
+ while ($r = Dba::fetch_assoc($db_results)) {
$total = $total + $r['size'];
}
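Review bot: `PASSWORD('$new_password')` keeps credential storage on MySQL's PASSWORD() function, which MySQL documents as intended for its own account system rather than for applications, and it places the plaintext password in the SQL text where query or error logs can capture it. Hashing in PHP before the query (for example `password_hash($new_password, PASSWORD_DEFAULT)` where the runtime provides it, with the matching verification on the login path) would address both. The hunk also removes `return true;` from update_password(), so callers that tested the result now receive null. In format(), `$total` is first used in `$total = $total + $r['size'];` without being initialised; `$total = 0;` before the loop would fix that. format() continues past the end of the hunk.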
@@ -656,6 +656,7 @@ class User {
}
switch ($divided) {
+ default:
case '1': $name = "KB"; break;
case '2': $name = "MB"; break;
case '3': $name = "GB"; break;
@@ -937,28 +938,31 @@ class User {
/**
* get_ip_history
* This returns the ip_history from the
- * last conf('user_ip_cardinality') days
+ * last Config::get('user_ip_cardinality') days
*/
- function get_ip_history($count='',$distinct='') {
+ public function get_ip_history($count='',$distinct='') {
- $username = sql_escape($this->id);
+ $username = Dba::escape($this->id);
if ($count) {
$limit_sql = "LIMIT " . intval($count);
}
+ else {
+ $limit_sql = "LIMIT " . intval(Config::get('user_ip_cardinality'));
+ }
if ($distinct) {
- $group_sql = "GROUP BY ip";
+ $group_sql = "GROUP BY `ip`";
}
/* Select ip history */
- $sql = "SELECT ip,date FROM ip_history" .
- " WHERE user='$username'" .
+ $sql = "SELECT `ip`,`date` FROM `ip_history`" .
+ " WHERE `user`='$username'" .
" $group_sql ORDER BY `date` DESC $limit_sql";
- $db_results = mysql_query($sql, dbh());
+ $db_results = Dba::query($sql);
$results = array();
- while ($r = mysql_fetch_assoc($db_results)) {
+ while ($r = Dba::fetch_assoc($db_results)) {
$results[] = $r;
}
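Review bot: The new `else` branch uses `Config::get('user_ip_cardinality')` as a row `LIMIT`, while the docblock above describes it as a number of days; if the setting is a day count, the query should filter on `date` instead of capping rows. When the setting is unset, `intval()` yields 0 and `LIMIT 0` returns no history at all, which would hide the audit trail rather than show it. `$group_sql` is still assigned only when `$distinct` is truthy, so add `$group_sql = '';` before the `if ($distinct)`. The function continues outside the hunk.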
@@ -997,6 +1001,26 @@ class User {
return true;
} // is_xmlrpc
+
+ /**
+ * check_username
+ * This checks to make sure the username passed doesn't already
+ * exist in this instance of ampache
+ */
+ public static function check_username($username) {
+
+ $usrename = Dba::escape($username);
+
+ $sql = "SELECT `id` FROM `user` WHERE `username`='$username'";
+ $db_results = Dba::query($sql);
+
+ if (Dba::num_rows($db_results)) {
+ return false;
+ }
+
+ return true;
+
+ } // check_username
} //end user class
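Review bot: The escaped value is assigned to the misspelled `$usrename`, while the query on the next statement interpolates the original `$username`, so check_username() builds its SQL from unescaped input. The function this replaces, removed from lib/general.lib.php in the same commit, did escape the value, so this is a regression. The assignment should read `$username = Dba::escape($username);`. A test that passes a username containing a single quote would catch this.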
diff --git a/lib/general.lib.php b/lib/general.lib.php
index 4ee9796f..a72bb4fd 100644
--- a/lib/general.lib.php
+++ b/lib/general.lib.php
@@ -556,25 +556,6 @@ function clear_catalog_stats() {
} // clear_catalog_stats
/**
- * check_username
- * this function checks to make sure the specified username doesn't already exist
- * @package General
- * @catagory Users
- */
-function check_username($username) {
-
- $sql = "SELECT username FROM user WHERE username = '" . sql_escape($username) . "'";
- $db_results = mysql_query($sql, dbh());
-
- if (mysql_fetch_row($db_results)) {
- return false;
- }
-
- return true;
-
-} // check_username
-
-/**
* scrub_out
* This function is used to escape user data that is getting redisplayed
* onto the page, it htmlentities the mojo
diff --git a/lib/ui.lib.php b/lib/ui.lib.php
index 88cfc3c2..be447091 100644
--- a/lib/ui.lib.php
+++ b/lib/ui.lib.php
@@ -236,6 +236,17 @@ function truncate_with_ellipsis($text, $max=27) {
} // truncate_with_ellipsis
/**
+ * show_header
+ * This shows the header.inc.php, it may do something
+ * more in the future
+ */
+function show_header() {
+
+ require_once Config::get('prefix') . '/templates/header.inc.php';
+
+} // show_header
+
+/**
* show_footer
* shows the footer of the page
*/